Lucene search
K

4 matches found

OSV
OSV
added 2014/11/24 3:59 p.m.9 views

CVE-2014-8417

ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to 1 gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or 2 execute arbitrary system...

7.3AI score
Exploits0References1
CVE
CVE
added 2014/11/24 3:0 p.m.73 views

CVE-2014-8417

CVE-2014-8417 affects Asterisk’s ConfBridge: remote authenticated users can escalate privileges via the external protocol to the CONFBRIDGE dialplan function or run arbitrary commands via a crafted ConfbridgeStartRecord AMI action. Affected: Asterisk 11.x pre-11.14.1, 12.x pre-12.7.1, 13.x pre-13...

6.5CVSS7.2AI score0.02357EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2014/11/24 3:0 p.m.25 views

CVE-2014-8417

ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to 1 gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or 2 execute arbitrary system...

6.5CVSS7.1AI score0.02357EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/24 12:0 a.m.38 views

FreeBSD : asterisk -- Multiple vulnerabilities (7bfd797c-716d-11e4-b008-001999f8d30b)

The Asterisk project reports : AST-2014-014 - High call load may result in hung channels in ConfBridge. AST-2014-017 - Permission escalation through ConfBridge actions/dialplan functions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

6.5CVSS5.3AI score0.02357EPSS
Exploits0References5
Rows per page
Query Builder